CLAIMS 

11. A digital rights management system for controlling 

2 the distribution of digital content to player 

3 applications, the system comprising: 

4 a verification system to validate the integrity of 

5 the player applications; 

6 a trusted content handler to decrypt content and to 

7 transmit the decrypted content to the player applications, 

8 using an extension mechanism defined by the application, 

9 and to enforce usage rights associated with the content; 

10 and 

11 a user interface control module to ensure that 

12 users of the player applications are not exposed to 

13 actions that violate the usage rights; 

14 wherein the digital rights management system operates 
^ 15 independently without cooperation from the player 

^ 16 applications. 



s:y 12. A digital rights management system according to 

iig 2 Claim 1, wherein the verification system includes an off- 

3 line- verifier to verify that the player applications have 

4 certain properties, and to issue trust certificates to 

5 verify that the player applications have said properties. 
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13. A digital rights management system according to 

2 Claim 2, wherein the verification system further includes 

3 a verifying launcher for verifying that a particular 

4 player application is certified as a trusted application 

5 before digital content is transmitted to said particular 

6 player application. 

1 4. A digital rights management system according to Claim 

2 1, wherein the player applications request protected 

3 content, and the trusted content handler includes an 

4 authenticator to verify that a player application that 
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5 requests n^^ected content has been a\:^^rized by the 

6 verification system to access the requ^Ked, protected 

7 content. 



1 5. A digital rights management system according to Claim 

2' 1, wherein a user interface control module traps user 

3 interface related messages generated as a result of user 

4 interactions with player applications, blocks messages 

5 that lead to usage rights violations, and passes through 

6 other messages to the player applications. 

1 6. A digital rights management method for controlling 

2 the distribution of digital content to player 

3 applications, the method comprising the steps: 

4 providing a verification system to validate the 

5 integrity of the player applications; 

% 6 using a trusted content handler to decrypt content 

7 and to transmit the decrypted content to the player 

8 applications, using an extension mechanism defined by the 

9 applications, and to enforce usage rights associated with 

10 the content; and 

11 providing a user interface control module to ensure 

12 that users of the player applications are not exposed to 

13 actions that violate the usage rights; 



py 14 wherein the digital rights management system 

3 15 operates independently without cooperation from the 

16 player applications. 

1 7. A method according to Claim 6, wherein the step of 

2 providing a verification system includes the step of 

3 providing an off-line verifier to verify that the player 

4 applications have certain properties, and to issue trust 

5 certificates to verify that the player applications have 

6 said properties. 
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1 8. A mej^k according to Claim 7, wh^^in the step of 

2 providing ci verification system f urthe^^ncludes the step 

3 of providing a verifying launcher for verifying that a 

4 particular player application is certified as a trusted 

5 application before digital content is transmitted to said 

6 particular player application. 

1 9. A method according to Claim 6, wherein the player 

2 applications request protected content, and the step of 

3 using the trusted content handler includes the step of 

4 using an authenticator to verify that a player application 

5 that requests protected content has been authorized by the 

6 verification system to access the requested, protected 

7 content. 

1 10. A program storage device readable by machine, 

1= 2 tangibly embodying a program of instructions executable by 



\Ai 3 the machine to perform method for controlling the 

4 distribution of digital content to player applications, 

\U 5 the method steps comprising: 

6 using a verification system to validate the integrity 

7 of the player applications; 

8 using a trusted content handler to decrypt content 
|=y 9 and to transmit the decrypted content to the player 

ry 10 applications, using an extension mechanism defined by the 

11 applications, and to enforce usage rights associated with 

12 the content; and 

13 using a user interface control module to ensure that 

14 users of the player applications are not exposed to 

15 actions that violate the usage rights; 

16 wherein said method operates independently without 

17 cooperation from the player applications. 

1 11. A program storage device according to Claim 10, 

2 wherein the step of using the verification system includes 
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player app^cations have certain prope^Kes, and to issue 
trust certificates to verify that the player applications 
have said properties. 

12. A program storage device according to Claim 11, 
wherein the step of using the verification system further 
includes the step of using a verifying launcher for 
verifying that a particular player application is 
certified as a trusted application before digital content 
is transmitted to said particular player application. 

13. A program storage device according to Claim 10, 
wherein the player applications request protected content, 
and the step of using the trusted content handler includes 
the step of using an authenticator to verify that a player 
application that requests protected content has been 
authorized by the verification system to access the 
requested, protected content. 

14. A code identity and integrity verification system, 
comprising: 

a certificate generator for receiving applications, 
for determining if the applications exhibit a predefined 
property, and for issuing a trust certificate for each of 
the applications that exhibits the predefined property; 

a certificate repository for receiving and storing 
trust certificates issued by the certificate generator; 

a code verifier for verifying that a particular 
player application is certified as a trusted application 
before digital content is transmitted to said particular 
player application; and 

an authenticator for receiving requests, using an 
extension mechanism defined by the applications, to verify 
that a player application that requests protected content 
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has been 




iOrized by' the verificatioi 




stem to access 



the requesrea, protected content. 

15. A code identify and integrity verification system 
according to Claim 14, wherein the code verifier is 
responsible for launching the player application and 
verifying the identity and integrity of the code using the 
information in the trust certificate before launching the 
application; the launch procedure returning process 
identification information, which the code verifier 
records internally; the authenticator communicating the 
same or other process identification information 
concerning its own process, which it obtains from system 
service calls, to the code verifier at the time the 
application requests content from the authenticator; the 
code verifier matching this process identification 
information against the process identification information 
it recorded; the code verifier returning a code indicating 
whether the process was verified or not. 

16. -A code identity and integrity verification system 
according to Claim 14, wherein the code verifier receives 
from the authenticator process identification information 
at the time the player application calls the 
authenticator; the code verifier querying the operating 
system with the process identification information or the 
file names of all modules loaded for that process; the 
code verifier using the information in the trust 
certificate to verify the identity and integrity of the 
code modules; returning a code indicating whether the 
process was verified or not. 

17. A code identity and integrity verification system 
according to Claim 14, wherein the trust certificate 
includes : 
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4 a pro^^m identifier identifying ^Bld one of the 

5 applications; 

6 a property name identifying an attribute certified by 

7 the trust certificate; 

8 a code digest of the one application; 

9 a digital signature containing a secret key of the 

10 application certifier; and 

11 a certifier identification containing a public key of 

12 the application certifier. 

1 18. A method for verifying the identity and integrity of 

2 code, comprising the steps: 

3 using a certificate generator for receiving 

4 applications, for determining if the applications exhibit 

5 a predefined property, and for issuing a trust certificate 

6 for each of the applications that exhibits the predefined 
1 property; 

i;n 8 receiving and storing in a certificate repository 

9 trust certificates issued by the certificate generator; 
i=y 10 using a code verifier for verifying that a particular 

11 player application is certified as a trusted application 

" 12 before digital content is transmitted to said particular 

'i3 13 player application; and 

Jr; 14 using an authenticator for receiving requests, using 

i y 

fy 15 an extension mechanism defined by the application, to 

Q 16 verify that a player application that requests protected 

17 content has been authorized by the verification system to 

18 access the requested, protected content. 

1 19. A method according to Claim 16, wherein the trust 

2 certificate includes: 

3 a program identifier identifying said one of the 

4 applications; 

5 a property name identifying an attribute certified by 

6 the trust certificate; 
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^c^^igest of the one applicat^^* 

Lg^al signature containing a s^r 



7 a coc 

8 a dig^al signature containing a s?5ret key of the 

9 application certifier; and 

10 a certifier identification containing a public key of 

11 the application certifier. 

1 20. A program storage device readable by machine, tangibly 

2 embodying a program of instructions executable by the 

3 machine to perform method steps for verifying, out of 

4 process, the identity of code, said method steps 

5 comprising: 

6 using a certificate generator for receiving 

7 applications, for determining if the applications exhibit 

8 a predefined property, and for issuing a trust certificate 

9 for each of the applications that exhibits the predefined 
10 property; 

t — i 

!'5 11 receiving and storing in a certificate repository 

iin 12 trust certificates issued by the certificate generator; 

13 using a code verifier for verifying that a particular 

ry 14 player application is certified as a trusted application 

15 before digital content is transmitted to said particular 

:i 16 player application; and 

17 using an authenticator for receiving requests, using 

18 an extension mechanism defined by the application, to 

ry 19 verify that a player application that requests protected 



20 content has been authorized by the verification system to 

21 access the requested, protected content. 

1 21. A program storage device according to Claim 20, 

2 wherein the trust certificate includes: 

3 a program identifier identifying said one of the 

4 applications; 

5 a property name identifying an attribute certified by 

6 the trust certificate; 

7 a code digest of the one application; 
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a digj^^l signature containing a ^»:et key of the 

applicatioi^^ertif ier ; and ^ 

a certifier identification containing a public key of 
the application certifier. 
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